Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/p_0nzYZCdcdsRR3zYeTyT_CVDSo.roa
File: p_0nzYZCdcdsRR3zYeTyT_CVDSo.roa (raw, json)
Hash identifier: ptynGJI74FyMmk6w7lJ5YsNj+0NEOOPVaTOZIkgxkQo=
Subject key identifier: A7:FD:27:CD:86:42:75:C7:6C:45:1D:F3:61:E4:F2:4F:F0:95:0D:2A
Certificate issuer: /CN=352f8919e6bc1ef5663489018fc875be34c0f24c
Certificate serial: 018480197F47759DF84F3CB21C2FC23F7EE0
Authority key identifier: 35:2F:89:19:E6:BC:1E:F5:66:34:89:01:8F:C8:75:BE:34:C0:F2:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NS-JGea8HvVmNIkBj8h1vjTA8kw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/p_0nzYZCdcdsRR3zYeTyT_CVDSo.roa
Signing time: Wed 16 Nov 2022 11:01:05 +0000
ROA not before: Wed 16 Nov 2022 11:01:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35600
IP address blocks: 45.84.112.0/22 maxlen: 24
185.56.176.0/22 maxlen: 22
91.221.92.0/23 maxlen: 24
91.221.106.0/23 maxlen: 24
194.117.246.0/23 maxlen: 23
185.48.132.0/22 maxlen: 24
2001:67c:184c::/48 maxlen: 48
2a02:5520::/32 maxlen: 32
2a00:4780::/32 maxlen: 32
2a0e:ac80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:80:19:7f:47:75:9d:f8:4f:3c:b2:1c:2f:c2:3f:7e:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=352f8919e6bc1ef5663489018fc875be34c0f24c
Validity
Not Before: Nov 16 11:01:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a7fd27cd864275c76c451df361e4f24ff0950d2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:83:4c:5a:28:44:e8:72:ce:e0:15:50:94:26:
b1:4d:49:c3:eb:13:8a:03:09:54:8b:94:8e:9b:73:
d4:0c:a5:12:06:5b:f1:7c:0b:30:64:56:92:a4:9e:
3a:c6:22:ee:2f:18:d4:af:27:e4:a1:02:d9:68:09:
0e:98:78:6e:a8:1c:5a:02:70:ac:7f:e4:0f:45:ab:
97:1e:98:1c:ae:d2:ee:2c:e6:7f:2e:81:76:84:f1:
23:04:b9:cc:24:89:d9:34:8d:9a:ad:f1:61:9c:9d:
9e:eb:d6:a7:7e:03:a9:f7:63:b8:2a:48:0a:f4:25:
58:a5:60:e6:14:cf:a4:b7:ce:f8:53:c6:55:49:85:
89:5e:f2:a7:65:c5:90:6e:aa:8d:82:41:d7:55:7b:
10:aa:62:d9:c3:9a:67:21:a2:d8:48:8b:b6:6e:2c:
6e:f7:f1:e3:e4:20:a1:78:56:b9:c2:89:26:49:e1:
f3:9c:a8:20:19:23:9e:c8:b0:e4:8e:d4:8e:52:65:
b4:67:2b:f8:e7:03:36:43:35:4d:fb:1f:a4:ad:00:
b8:ee:df:49:c2:40:34:91:94:22:80:cf:cb:14:c3:
76:c4:5c:53:87:57:a9:aa:59:38:63:b9:f4:4b:f7:
24:b1:1a:6f:6c:a1:de:33:79:82:8a:c3:16:9b:9f:
2a:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:FD:27:CD:86:42:75:C7:6C:45:1D:F3:61:E4:F2:4F:F0:95:0D:2A
X509v3 Authority Key Identifier:
keyid:35:2F:89:19:E6:BC:1E:F5:66:34:89:01:8F:C8:75:BE:34:C0:F2:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NS-JGea8HvVmNIkBj8h1vjTA8kw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/p_0nzYZCdcdsRR3zYeTyT_CVDSo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/NS-JGea8HvVmNIkBj8h1vjTA8kw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.112.0/22
91.221.92.0/23
91.221.106.0/23
185.48.132.0/22
185.56.176.0/22
194.117.246.0/23
IPv6:
2001:67c:184c::/48
2a00:4780::/32
2a02:5520::/32
2a0e:ac80::/29
Signature Algorithm: sha256WithRSAEncryption
1b:8d:2c:36:6e:13:cd:a4:f6:6d:8e:6e:d6:2c:18:f7:1c:59:
07:a7:87:4d:17:66:5a:7f:24:9e:34:06:87:ec:2c:ad:0f:76:
d4:bb:66:1f:2c:1d:e4:b2:b4:9c:6f:4d:11:88:7e:e0:ea:58:
b2:3d:c9:f7:83:c6:57:bf:96:bd:db:1b:99:d3:19:da:98:21:
31:50:09:6e:87:aa:5b:6a:82:e6:ee:84:d7:b6:8d:88:65:69:
ac:21:c4:07:e1:f4:af:d1:5b:32:7c:88:6d:e3:91:45:29:d0:
cb:aa:8f:d7:33:5a:4b:6b:89:c7:bb:2c:90:aa:9a:37:82:33:
d5:c7:4e:ba:05:35:39:75:f6:bc:1b:09:f7:88:e9:9a:11:b1:
80:49:88:30:4a:ac:79:ed:79:aa:2e:09:c7:40:51:06:0e:66:
4c:0b:0d:9f:da:68:84:35:e3:1a:40:83:40:64:94:0f:6d:22:
a1:16:28:b1:f3:c1:19:4d:f3:9e:74:85:9b:13:93:40:6b:a1:
70:7c:d9:58:ec:36:60:a2:4c:52:ae:ca:ec:00:f4:d5:11:37:
7d:b9:3c:b3:16:34:d1:ba:3b:cf:27:8d:b7:b5:48:97:22:75:
55:e6:04:18:e8:ff:5a:b5:08:29:74:9a:cd:76:52:57:68:3b:
9e:76:97:dd
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAYSAGX9HdZ34TzyyHC/CP37gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MmY4OTE5ZTZiYzFlZjU2NjM0ODkwMThmYzg3NWJlMzRj
MGYyNGMwHhcNMjIxMTE2MTEwMTA1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhN2ZkMjdjZDg2NDI3NWM3NmM0NTFkZjM2MWU0ZjI0ZmYwOTUwZDJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlYNMWihE6HLO4BVQlCaxTUnD6xOK
AwlUi5SOm3PUDKUSBlvxfAswZFaSpJ46xiLuLxjUryfkoQLZaAkOmHhuqBxaAnCs
f+QPRauXHpgcrtLuLOZ/LoF2hPEjBLnMJInZNI2arfFhnJ2e69anfgOp92O4KkgK
9CVYpWDmFM+kt874U8ZVSYWJXvKnZcWQbqqNgkHXVXsQqmLZw5pnIaLYSIu2bixu
9/Hj5CCheFa5wokmSeHznKggGSOeyLDkjtSOUmW0Zyv45wM2QzVN+x+krQC47t9J
wkA0kZQigM/LFMN2xFxTh1epqlk4Y7n0S/cksRpvbKHeM3mCisMWm58qXQIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFKf9J82GQnXHbEUd82Hk8k/wlQ0qMB8GA1UdIwQY
MBaAFDUviRnmvB71ZjSJAY/Idb40wPJMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlMtSkdlYThIdlZtTklrQmo4aDF2alRBOGt3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9jZjk0M2QtYzkyMS00ZWY3LTlhYTAt
ZTNmY2IyM2UzNDM4LzEvcF8wbnpZWkNkY2RzUlIzelllVHlUX0NWRFNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9jZjk0M2QtYzkyMS00ZWY3LTlhYTAtZTNmY2IyM2UzNDM4
LzEvTlMtSkdlYThIdlZtTklrQmo4aDF2alRBOGt3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjAqBAIAATAkAwQCLVRwAwQB
W91cAwQBW91qAwQCuTCEAwQCuTiwAwQBwnX2MCQEAgACMB4DBwAgAQZ8GEwDBQAq
AEeAAwUAKgJVIAMFAyoOrIAwDQYJKoZIhvcNAQELBQADggEBABuNLDZuE82k9m2O
btYsGPccWQenh00XZlp/JJ40BofsLK0PdtS7Zh8sHeSytJxvTRGIfuDqWLI9yfeD
xle/lr3bG5nTGdqYITFQCW6HqltqgubuhNe2jYhlaawhxAfh9K/RWzJ8iG3jkUUp
0Muqj9czWktrice7LJCqmjeCM9XHTroFNTl19rwbCfeI6ZoRsYBJiDBKrHnteaou
CcdAUQYOZkwLDZ/aaIQ14xpAg0BklA9tIqEWKLHzwRlN8550hZsTk0BroXB82Vjs
NmCiTFKuyuwA9NURN325PLMWNNG6O88njbe1SJcidVXmBBjo/1q1CCl0ms12Uldo
O552l90=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:37 2024 by rpki-client on console-fra.rpki-client.org